Digital Journal

Security expert insights: Log4j endemic vulnerability

A data center: Network cables plugged into a server. — © Michael Bocchieri/AFP/Getty Images A data center: Network cables plugged into a server. — © Michael ...
Nextgov

Log4j Vulnerability Prompts Lawmakers to Examine Agency Cyber Measures

Get the latest federal technology news delivered to your inbox. House Energy and Commerce Committee Leaders sent letters on Wednesday to several federal agencies requesting briefings to address ...
ZDNet

Not patched Log4j yet? Assume attackers are in your network, say CISA and FBI

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...
Homeland Security Today

PERSPECTIVE: Why the December 2021 Log4j Event Remains Top of Mind for Cyber Professionals

The Cyber Safety Review Board (CSRB), created in 2021 to review major cyber events, released a report last summer recapping the 2021 discovery of the Log4j vulnerability. Its disclosure triggered a ...
Infosecurity-magazine.com

Over a Year of Log4j Lingering: Why We Need to Stop Viewing High-Severity Breaches as Anomalies

More than a year after the news broke in December 2021, the Log4j vulnerability, or Log4Shell to some, remains one of the most prolific cybersecurity incidents of our time. Still causing chaos for ...
PC Magazine

How a US Govt Board Helped the Open-Source Community Leap to Patch Log4j

'I think what surprised a lot of people was how deep the fact-finding could go,' Cyber Safety Review Board Chair Robert Silvers says at Black Hat about the response to the Log4j exploit. LAS VEGAS–Six ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
VentureBeat

How external attack surface management lets you see your org through an attacker’s eyes

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More >>Don’t miss our special issue: How ...
Computer Weekly

Vulnerability exploitation volumes up over 50% in 2022

Driven by significant cyber security disclosures affecting supply chain dependencies, such as Log4j and Realtek, threat actors have vastly increased their use of vulnerabilities as a means to work ...
ZDNet

We are still failing to learn the most important lesson in cybersecurity. That needs to change, fast

One year ago, a newly discovered zero-day vulnerability rocked the world of cybersecurity, but 12 months on, there are clear signs that vital lessons haven't been learned. The catchily-titled CVE-2021 ...
Forbes

Application Security Predictions For 2023

JP oversees the Research and Innovation teams that keep Onapsis on the cutting-edge of the business-critical application security market. In 2021, we commenced the year reeling from the aftermath of ...